/**
 * Return the wrapped object's public key as a bare body without PEM armor.
 *
 * The value of $this->file->getPublicKey() is cast to string, the
 * "BEGIN PUBLIC KEY" / "END PUBLIC KEY" marker runs are removed, the result
 * is trimmed, and every LF, CR and tab character is stripped. Interior
 * spaces are left as they are.
 *
 * NOTE(review): nothing here checks that a key was actually present; if the
 * cast yields an empty string the method returns '' - callers that compare or
 * pin this value should presumably treat '' as "no key". Confirm at call sites.
 *
 * @return string
 */
public function getPublicKey()
{
    // Patterns are applied in order, exactly as two consecutive preg_replace() calls would be.
    $armorPatterns = array(
        '/\\-+BEGIN PUBLIC KEY\\-+/',
        '/\\-+END PUBLIC KEY\\-+/',
    );
    $lineNoise = array("\n", "\r", "\t");

    $body = preg_replace($armorPatterns, '', (string) $this->file->getPublicKey());

    return str_replace($lineNoise, '', trim($body));
}
/**
 * Encrypt $text to the RSA public key carried in an X.509 certificate.
 *
 * The certificate is parsed with File_X509, its public key is loaded into a
 * Crypt_RSA instance, and the ciphertext is returned hex-encoded.
 *
 * Reviewer notes:
 *  - The certificate is only parsed. No signature chain, validity period or
 *    subject check happens in this function, so the caller has to trust the
 *    origin of $pem.
 *  - The results of loadX509(), getPublicKey() and loadKey() are not
 *    inspected. NOTE(review): an unparsable certificate presumably ends in a
 *    failed encrypt() and an empty hex string rather than an error - confirm
 *    and have callers reject an empty result.
 *  - CRYPT_RSA_ENCRYPTION_PKCS1 selects PKCS#1 v1.5 encryption padding; where
 *    the receiving side supports it, OAEP is the usual choice for new
 *    protocols.
 *
 * @param string $text Plaintext to encrypt.
 * @param string $pem  X.509 certificate, as accepted by File_X509::loadX509().
 * @return string Hex encoding of the value returned by Crypt_RSA::encrypt().
 */
function RSAEncrypt($text, $pem)
{
    $certificate = new File_X509();
    $certificate->loadX509($pem);

    $cipher = new Crypt_RSA();
    $cipher->loadKey($certificate->getPublicKey());
    $cipher->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);

    $ciphertext = $cipher->encrypt($text);

    return bin2hex($ciphertext);
}
/**
 * loadSPKAC() accepts a base64 SPKAC with and without the "SPKAC=" prefix,
 * the embedded signature validates, and the public key is string-convertible.
 *
 * NOTE(review): the signature algorithm identifier inside this fixture looks
 * like md5WithRSAEncryption. That is fine for exercising the parser, but the
 * blob should not be copied as a template for newly issued SPKACs - confirm
 * by decoding the fixture.
 */
public function testLoadSPKAC()
{
    // Fixture kept in the same fixed-width pieces as before; joined without a separator.
    $spkacBase64 = implode('', array(
        'MIICQDCCASgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChgo9mWzQm3TSwGgpZnIc54',
        'TZ8gYpfAO/AI0etvyWDqnFfdNCUQsqxTdSi6/rtrJdLGBsszRGrRIc/0JqmjM+jCHGYutLeo4xwgr',
        'a3HAZrWDypL5IlRWnLmLA4U/qGXCXNSk+9NrJl39X3IDA8o/aOJyr9iMUJMvswcWjVjPom3NhAgmJ',
        'ZwW0vUEMw9zszExpiRnGSO5XXntQW2qvfzo+J3NzS3BBbKxEmTsfOLHextcXeFQUaBQHXB/WOtweW',
        'Y/Bd4iZ8ETmhal28g1HWVcTFPD+V+KPRFeARlVEW6JmcJucW2WdJlBGKXXXPEfdHrDS3OgD/eDWfM',
        'JE4mChZ/icxAgMBAAEWADANBgkqhkiG9w0BAQQFAAOCAQEAUMvIKhlSgEgbC081b/FJwh6mbuVgYN',
        'ZV37Ts2WjrHoDFlabu9WXU8xzgaXct3sO51vJM5I36rY4UPyc6w3y9dLaamEwKUoWnpHG8mlXs2JG',
        'GEUOvxh5z9yfk/2ZmdCVBlKnU1LDB+ZDyNyNh5B0YULrJKw9e0jV+ymP7srwUSBcdUfZh1KEKGVIN',
        'Uv4J3GuL8V63E2unWCHGRPw4EmFVTbWpgMx96XR7p/pMavu6/pVKgYQqWLOmEeOK+dmT/QVon28d5',
        'dmeL7aWrpP+3x3L0A9cATksracQX676XogdAEXJ59fcr/S5AGw1TFErbyBbfyeAWvzDZIXeMXpb9h',
        'yNtA==',
    ));

    $parser = new File_X509();

    // Bare base64 form.
    $parsedBare = $parser->loadSPKAC($spkacBase64);
    $this->assertInternalType('array', $parsedBare);

    // Form with the "SPKAC=" prefix.
    $parsedPrefixed = $parser->loadSPKAC('SPKAC=' . $spkacBase64);
    $this->assertInternalType('array', $parsedPrefixed);

    // The signature check runs against the structure loaded last.
    $this->assertTrue($parser->validateSignature(), 'Failed asserting that the signature is valid');

    $pubKey = $parser->getPublicKey();
    $this->assertInternalType('string', "{$pubKey}");
}
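/**
 * Initialise $this->rsa with the public key of an X.509 certificate file.
 *
 * The file is read, parsed as an X.509 certificate, and its public key is
 * loaded into a Crypt_RSA instance configured for PKCS#1 v1.5 encryption.
 * Every failure on the way (unreadable file, unparsable certificate, missing
 * key) raises \Exception, so a keyless RSA object is never stored on
 * $this->rsa.
 *
 * Reviewer notes:
 *  - The certificate is only parsed; its chain, validity period and subject
 *    are not checked here, so the file itself is the trust anchor.
 *  - NOTE(review): setHash('sha1') presumably matters only for OAEP and
 *    signatures, not for PKCS#1 v1.5 encryption padding - confirm whether it
 *    is still needed.
 *
 * @param string $publicKeyFile Path to the certificate file.
 * @return void
 * @throws \Exception If the file cannot be read or holds no usable certificate/key.
 */
protected function initRsa($publicKeyFile)
{
    if (!file_exists($publicKeyFile) || !is_readable($publicKeyFile)) {
        throw new \Exception('Public key file does not exist or is not readable.');
    }

    // The file can still vanish or become unreadable between the check above and the read.
    $certPem = file_get_contents($publicKeyFile);
    if ($certPem === false) {
        throw new \Exception('Public key file does not exist or is not readable.');
    }

    $x509 = new \File_X509();
    if ($x509->loadX509($certPem) === false) {
        throw new \Exception('Public key file does not contain a parsable X.509 certificate.');
    }

    $publicKey = $x509->getPublicKey();
    if (!$publicKey) {
        throw new \Exception('Certificate in public key file does not carry a usable public key.');
    }

    $rsa = new \Crypt_RSA();
    $rsa->loadKey($publicKey);
    $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
    $rsa->setHash('sha1');

    // Assign only once the object is fully configured.
    $this->rsa = $rsa;
}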
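/**
 * Send one call to the application endpoint and decode its response.
 *
 * The request is a RegistrationMessage built from $cxn['appId'], the public
 * key of the certificate in $appMeta['appCert'], and the call details. The
 * response ciphertext is decoded as one of StdMessage, InsecureMessage or
 * GarbledMessage. Garbled and insecure responses are reported as error
 * arrays; any other response must carry the same connection id as the
 * request.
 *
 * The connection ids are compared as strings with a strict operator, so two
 * different numeric-looking ids (which a loose comparison can treat as equal)
 * are never accepted as a match.
 *
 * NOTE(review): the result of loadX509() is not checked here; what
 * RegistrationMessage does with a missing key is not visible in this block -
 * confirm it rejects it.
 *
 * @param array $appMeta Must provide 'appCert' (certificate accepted by File_X509::loadX509()).
 * @param mixed $entity  Passed through in the request payload.
 * @param mixed $action  Passed through in the request payload.
 * @param mixed $params  Passed through in the request payload.
 * @param array $cxn     Must provide 'appId', 'appUrl' and 'cxnId'.
 * @return array array($respCode, $data); $data is an error array for garbled/insecure responses.
 * @throws Exception\InvalidMessageException
 * @throws \RuntimeException If the response belongs to a different connection.
 */
protected function doCall($appMeta, $entity, $action, $params, $cxn)
{
    $appCert = new \File_X509();
    $appCert->loadX509($appMeta['appCert']);

    $req = new RegistrationMessage($cxn['appId'], $appCert->getPublicKey(), array(
        'cxn' => $cxn,
        'entity' => $entity,
        'action' => $action,
        'params' => $params,
    ));

    // The response headers (first element) are not used.
    list(, $respCiphertext, $respCode) = $this->http->send('POST', $cxn['appUrl'], $req->encode());
    $respMessage = $this->decode(
        array(StdMessage::NAME, InsecureMessage::NAME, GarbledMessage::NAME),
        $respCiphertext
    );

    if ($respMessage instanceof GarbledMessage) {
        return array($respCode, array(
            'is_error' => 1,
            'error_message' => 'Received garbled message',
            'original_message' => $respMessage->getData(),
        ));
    }

    if ($respMessage instanceof InsecureMessage) {
        return array($respCode, array(
            'is_error' => 1,
            'error_message' => 'Received insecure error message',
            'original_message' => $respMessage->getData(),
        ));
    }

    // Strict string comparison: avoids numeric type juggling between ids.
    if ((string) $respMessage->getCxnId() !== (string) $cxn['cxnId']) {
        // Tsk, tsk, Mallory!
        throw new \RuntimeException('Received response from incorrect connection.');
    }

    return array($respCode, $respMessage->getData());
}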
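/**
 * Check a package file against its announced hash and RSA signature.
 *
 * A package is accepted when, for at least one intermediate certificate that
 * passes verifyIntermediateCert(), the signature over $hash verifies with
 * that certificate's public key AND the SHA-1 of the file equals $hash.
 * If no certificate accepts the package, the intermediate certificate is
 * reloaded via loadIntermediateCert() and the check is repeated exactly once.
 *
 * An intermediate certificate that cannot be parsed, or that carries no
 * public key, is skipped instead of aborting the request with a fatal error.
 *
 * Reviewer notes:
 *  - The file digest is SHA-1 (sha1_file). Collision attacks on SHA-1 are
 *    practical, so a stronger digest is preferable if the package feed can
 *    supply one.
 *  - $blnDeleteIfWrong is accepted and passed on to the retry, but nothing in
 *    this method deletes $src.
 *  - NOTE(review): no hash is set on the Crypt_RSA object, so the library
 *    default is used for signature verification - confirm it matches what the
 *    signer uses.
 *
 * @param string $src              Path of the package file.
 * @param string $hash             Announced SHA-1 hex digest of the file; also the signed message.
 * @param string $signature        Base64-encoded RSA signature over $hash.
 * @param string $type             Passed to verifyIntermediateCert().
 * @param bool   $blnDeleteIfWrong Unused here apart from being forwarded to the retry.
 * @param bool   $blnAgain         True on the retry pass; prevents further recursion.
 * @return bool True only when signature and file hash both match.
 */
public function verifyPackage($src, $hash, $signature, $type = "core", $blnDeleteIfWrong = true, $blnAgain = false)
{
    if (!file_exists($src) || $signature == "" || $hash == "") {
        return false;
    }

    // Keep only the intermediate certificates that verify for this package type.
    $arrVerified = array();
    foreach ($this->getIntermediateCerts() as $cert) {
        if ($this->verifyIntermediateCert($cert, $type)) {
            $arrVerified[] = $cert;
        }
    }

    $strFileHash = sha1_file($src);

    include_once 'libraries/phpseclib/X509.php';
    include_once 'libraries/phpseclib/RSA.php';

    $x509 = new File_X509();
    foreach ($arrVerified as $intermCert) {
        // Skip certificates that do not parse or expose no key.
        if ($x509->loadX509($intermCert) === false) {
            continue;
        }
        $objCertKey = $x509->getPublicKey();
        if (!$objCertKey) {
            continue;
        }
        $pkey = $objCertKey->getPublicKey();

        $rsa = new Crypt_RSA();
        $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
        $rsa->loadKey($pkey);

        // The signature covers the announced hash, not the file contents directly.
        $blnVerified = $rsa->verify($hash, base64_decode($signature));

        // Valid only if the signature holds and the file really has that hash.
        if ($blnVerified && $strFileHash === $hash) {
            return true;
        }
    }

    // Not accepted: refresh the intermediate certificate and retry once.
    $this->loadIntermediateCert();
    if (!$blnAgain) {
        return $this->verifyPackage($src, $hash, $signature, $type, $blnDeleteIfWrong, true);
    }

    return false;
}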
/**
 * A Google ID token fixture verifies against the public key taken from the
 * matching certificate fixture.
 *
 * Only the JWS signature check is exercised here; this test makes no
 * assertion about the token's claims.
 */
function testVerifyWithGoogleIDToken()
{
    // Extract the RSA public key from the certificate fixture.
    $certificate = new File_X509();
    $certificate->loadX509(file_get_contents($this->fixture_dir . 'google.crt'));
    $signingKey = $certificate->getPublicKey()->getPublicKey();

    // Decode the token fixture and wrap it for signature verification.
    $token = file_get_contents($this->fixture_dir . 'google.jwt');
    $jws = new JOSE_JWS(JOSE_JWT::decode($token));

    $this->assertInstanceOf('JOSE_JWS', $jws->verify($signingKey));
}
/**
 * Quasi-private - marked public to work-around PHP 5.3 compat.
 *
 * Takes the public key object from a loaded certificate and applies the
 * project-wide encryption mode, signature mode and hash from Constants.
 * The object returned is the one produced by getPublicKey(), configured in
 * place.
 *
 * NOTE(review): this only extracts the key. Presumably the caller has already
 * validated the certificate (chain, validity period) - confirm at call sites.
 *
 * @param \File_X509 $x509
 * @return \Crypt_RSA
 * @throws InvalidMessageException If the certificate yields no public key.
 */
public static function getRsaFromCert($x509)
{
    $publicKey = $x509->getPublicKey();

    if ($publicKey) {
        $publicKey->setEncryptionMode(Constants::RSA_ENC_MODE);
        $publicKey->setSignatureMode(Constants::RSA_SIG_MODE);
        $publicKey->setHash(Constants::RSA_HASH);

        return $publicKey;
    }

    throw new InvalidMessageException("Invalid message: certificate missing or does not have public key");
}
$Message .= "doulCiTeam Certificate, DEVELOPMENT : " . "\n" . $doulCiTeamCertificate . "\n"; $Message .= "doulCiTeam Certificate PublicKey : " . "\n" . $doulCiTeamCertificatePublikKey . "\n"; $iPhoneActivationOrig = file_get_contents($iPhoneActivationOrigFile); $iPhoneActivationOrigVect = openssl_pkey_get_details(openssl_pkey_get_public($iPhoneActivationOrig)); $iPhoneActivationOrigPublicKey = $iPhoneActivationOrigVect['key']; $Message .= "Apple Certificate PRODUCTION : " . "\n" . $iPhoneActivationOrig . "\n"; $Message .= "Apple Certificate PublicKey, Apple Inc. : " . "\n" . $iPhoneActivationOrigPublicKey . "\n"; $iPhoneDeviceCAOrig = file_get_contents($iPhoneDeviceCAOrigFile); $iPhoneDeviceCAOrigVect = openssl_pkey_get_details(openssl_pkey_get_public($iPhoneDeviceCAOrig)); $iPhoneDeviceCAOrigPublicKey = $iPhoneDeviceCAOrigVect['key']; $Message .= "Apple Certificate PRODUCTION : " . "\n" . $iPhoneDeviceCAOrig . "\n"; $Message .= "Apple Certificate PublicKey, Apple Inc. : " . "\n" . $iPhoneDeviceCAOrigPublicKey . "\n"; //print $iPhoneDeviceCAOrig; $DeviceCAOrig = new File_X509(); $DeviceCAOrig->loadX509($iPhoneDeviceCAOrig); $DeviceCAOrigPublicKey = $DeviceCAOrig->getPublicKey($iPhoneDeviceCAOrig); $DeviceCAOrigDN = $DeviceCAOrig->getDN(true); $DeviceCAOrigIssuerDN = $DeviceCAOrig->getIssuerDN(true); $DeviceCAOrigExtensions = $DeviceCAOrig->getExtensions(); $iPhoneDeviceCANew_x509 = new File_X509(); //$iPhoneDeviceCANew_x509->setPublicKey ( $DeviceCAOrigPublicKey ); //$iPhoneDeviceCANew_x509->setDN ( $DeviceCAOrigDN ); $iPhoneDeviceCANew_x509->setStartDate('-1 day'); $iPhoneDeviceCANew_x509->setEndDate('+ 10 year'); //$iPhoneDeviceCANew_x509->setIssuerDN ( $DeviceCAOrigIssuerDN ); $extensions = array(); $i = 0; if (is_array($DeviceCAOrigExtensions)) { foreach ($DeviceCAOrigExtensions as $extension) { $extensions[] = $extension; $value = $DeviceCAOrig->getExtension($extension);